Hi Marek,
On 01/24/2017 11:47 AM, Marek Posolda wrote:
Can you doublecheck this scenario on your side? Are you using latest
Keycloak master?
So I double checked. We are using 2.5.0, NOT latest master, but it does
NOT work:
As soon as I check "user must change password on next logon", the MSAD
attribute pwdLastSet changes to 0. (that is correct, confirmed with an ldif)
However, keycloak tells me: invalid username or password. Removing the
checkbox sets pwdLastSet to -1, and the logon succeeds again.
Searching through jira, I don't see an explanation for the difference in
behaviour between 2.5.0 and 2.5.1. If I can find some time, I'll try
installing 2.5.1, to see if it works there...
MJ